#github-actions (2021-11)

Discussions related to GitHub Actions

2021-11-22

Aleksic avatar
Aleksic

Hey, does anyone have experience with reusing github actions/workflows on multiple private repositories in a microservice architecture and would like to maybe share how you are doing it or some possible solutions? The most important things are:

• Repo containing the reusable actions/workflows needs to be private.

• Service repos should reference the reusable actions/workflows repo (not distribute workflows) So far I have tested out: Reusable workflows: would be very nice but it requires the reusable workflow repo to be public or internal (we don’t have enterprise github) Composite actions: works but some requires some additional checkout boilerplate when referencing a private repo.

Darren Cunningham avatar
Darren Cunningham
Actions: Reusable workflows · Issue #98 · github/roadmap attachment image

Summary This feature enables you to reuse an entire workflow as if it were an action. Instead of copying and pasting workflow definitions across repositories, you can reference an existing workflow…

Darren Cunningham avatar
Darren Cunningham

it supposed to be this quarter (but was already bumped from Q1 -> Q2 -> Q3 -> Q4, so might be bumped again)

Aleksic avatar
Aleksic

@Darren Cunningham but its out in beta right?

Darren Cunningham avatar
Darren Cunningham

news to me if so, but very well could be

Darren Cunningham avatar
Darren Cunningham

oh the first link you provided

Aleksic avatar
Aleksic

Did test it out here the other day, works well if the workflows are in a public repo

1
Darren Cunningham avatar
Darren Cunningham

the example at the bottom looks like it would work with a private repo

Darren Cunningham avatar
Darren Cunningham

I’m assuming that because it’s passing the secret token

Aleksic avatar
Aleksic

I think that’s just passing in a secret token, not necessarily a github token.

Aleksic avatar
Aleksic
Darren Cunningham avatar
Darren Cunningham

that’s weak

Aleksic avatar
Aleksic

1000 %

Darren Cunningham avatar
Darren Cunningham

I’m hoping that’s just limitations of the beta because that doesn’t sound like it’s adding any value in it’s current state

2021-11-09

Ozzy Aluyi avatar
Ozzy Aluyi

Hey guys, I’ve got this python script to upload my files to s3 bucket using github-actions

Ozzy Aluyi avatar
Ozzy Aluyi
import boto3
import sys

def main():
    if (len(sys.argv) < 6):
        print ('Error: Required 5 arguments.')
        # Checks for 6 because the script path is in position 0. So len is 6
        # for 5 arguments.
        sys.exit(1)

    bucket_name=sys.argv[1]
    aws_key=sys.argv[2]
    aws_access_key=sys.argv[3]
    aws_access_secret=sys.argv[4]
    local_path=sys.argv[5]
 

    session = boto3.Session(
        aws_access_key_id=aws_access_key,
        aws_secret_access_key=aws_access_secret,
    )
    client = session.client('s3')

    response = client.upload_file(
        Filename=local_path,
        Bucket=bucket_name,
        Key=aws_key
    )
    print ('Done uploading')


main()
Ozzy Aluyi avatar
Ozzy Aluyi

and this script to install boto3

Ozzy Aluyi avatar
Ozzy Aluyi
bucket_name=$1
aws_key=$2
aws_access_key=$3
aws_access_secret=$4
local_path=$5


# Remove any existing versions of a ZIP
rm -rf $local_path

# Create a zip of the current directory.
zip -r $local_path . -x .git/ .git/*** .github/workflows/release.yml scripts/pipeline/release.sh scripts/pipeline/upload_file_to_s3.py .DS_Store

# Install required dependencies for Python script.
pip3 install boto3

# Run upload script
python3 scripts/pipeline/upload_file_to_s3.py $bucket_name $aws_key $aws_access_key $aws_access_secret $local_path
Ozzy Aluyi avatar
Ozzy Aluyi

I am getting this error

Ozzy Aluyi avatar
Ozzy Aluyi
Ozzy Aluyi avatar
Ozzy Aluyi

i’ll appreciate a fix.

Ozzy Aluyi avatar
Ozzy Aluyi

thanks

Darren Cunningham avatar
Darren Cunningham

I’m going to guess that your secrets are being stripped from the python3 scripts/pipeline/upload_file_to_s3.py ... command and therefore missing args. You probably want to use environment variables that are set from secrets rather than just index based args…but again, just a guess

    keyboard_arrow_up